Disaster Recovery - Business Continuity Planning Audits
The internal auditor can play a critical role in disaster recovery/business continuity resumption planning within an organization. This page provides resources and articles on the subject that you can use for reviews and planning for audits in this area. If you have any resources including audit programs, internal control questionnaires, checklists or other documents please consider sharing them for the benefit of the global audit community. Send your documents as attachments to editor@auditnet.org
Thanks to Dan Swanson for his contributions to this page.
EXECUTIVE GUIDE: DISASTER RECOVERY | SearchCIO.com
The devastating effects of hurricanes Katrina and Rita last
fall made clear the importance of disaster recovery plans
perhaps as well or better than any other
- Business Continuity and Contingency Management guidance
- Business Contingency Planning Guide
- OGC briefing on Business Contingency Management
The IIA’s DR and BCP resource repository
ISACA global Knowledge Network - Using the search facility (at the link provided) enter “business continuity”, “disaster recovery”, “emergency management”, etc, to obtain a variety of resources to help your efforts.
Generally Accepted Business Continuity Practices – includes information on:
- Project Initiation and Management
- Risk Evaluation and Control
- Business Impact Analysis
- Developing Business Continuity Strategies
- Emergency Response and Operations
- Developing Business Continuity
- Training and Awareness
- Maintaining and Exercising Business Continuity Plans
- Public Relations and Crisis Communications
- Coordination with Public
BS 25999 Business Continuity Management - a resource for information, links, news, events, resources and discussion for those seeking information and guidance on BS25999 specifically, also business continuity and emergency management in general.
Disaster Recovery Audit and Planning - Introduction to the subject of disaster recovery planning.
The Internal Auditor's Role in Disaster Recovery - article from the American Association of State Compensation Insurance Funds.
Disaster Recovery Guidelines from Bankers Online
Disaster Recovery and Business Resumption Planning article by Dana Turner from Bankers Online
Internal Audit’s perspective on the Continuity Plan Policy and a possible approach to focus development of an acceptable recovery plan is a PowerPoint presentation by the University of Minnesota's Internal Audit group.
Maintaining and Exercising Business Continuity Plans - from the Disaster Recovery Institute Canada
Selecting the "Right" Business Continuity Planning Recovery Strategy from ISACA
Audit Programs, Internal Control Questionnaires and Checklists
- Disaster Recovery Plan
- Disaster Recovery - Business Resumption Audit Program (Word, pdf)
- Disaster Recovery - Contingency Planning Audit Program
- Disaster Recovery - Contingency Planning ICQ
- Disaster Recovery Risk Evaluation (Word (pdf)
Miscellaneous Resources Contributed by AuditNet Community Members
- Bell South Business Continuity Planning Guide
- Business Impact Analysis Survey from NC State
- Business Continuity Report Benchmark Study
- Considerations by Executive Management
- Continuity Terminology Matrix
- Disaster Recovery Plan
- Earthquake Calendar Sender
- Earthquake Calendar Tri-Sender
- FEMA Emergency Management Guide
- Glossary of BCP Terms
- Incident Management Checklist
- Information Security Checklist
- NASD Notice Business Continuity Plans
- Securities Industries Association BCP Best Practices
- What Does it Take to Build a Good Business Continuity Plan?